
<?php



//Variant 1 (active code): deliberately vulnerable to SQL injection
//admin credentials
//user = admin
//password = pwad 

//Login check that builds its SQL by string interpolation. Both values come
//straight from the request body with no validation, so everything derived
//from them below is attacker-controlled.
$user = $_POST["userName"];
$password = $_POST["password"];

//The two escaping calls are left commented out, so the raw request values
//reach the query unchanged in this variant.
//$user = mysql_real_escape_string($user);
//$password = mysql_real_escape_string($password);
//NOTE(review): connects as root with an empty password, and uses the mysql_*
//extension, which was removed in PHP 7.0. $conn is not passed to the later
//calls, which fall back to the most recently opened connection.
$conn = mysql_connect('localhost', 'root', '');
mysql_select_db("school");
//Injection point: the request values are placed inside the quoted SQL string
//literals, so a quote character in either field changes the structure of the
//statement instead of being compared as data. The mitigation is a
//parameterized query (placeholders plus bound values).
//NOTE(review): the submitted password is compared directly against the stored
//column, which suggests passwords are stored unhashed - confirm against schema.
$query ="SELECT * FROM users WHERE user = '$user' AND password = '$password'";
//On failure the raw database error text is sent to the client, which discloses
//query and schema details; log it server-side and return a generic message.
$result = mysql_query($query) or die("Query failed: " . mysql_error());
$numOfRows = mysql_num_rows($result);
echo"<table>";
//Any non-empty result set is treated as a successful login; the code does not
//require exactly one matching row.
if($numOfRows > 0){
	//$user is echoed without HTML encoding, so markup in the submitted name is
	//reflected into the page (XSS); encode with htmlspecialchars() on output.
	echo "<tr><td> Welcome $user </td></tr>";
	
	//Prints every column of every returned row. Because the query is SELECT *,
	//this includes the password column.
	while($row = mysql_fetch_row($result))
	{
		echo "<tr>";
		
		//Cell values are written without HTML encoding as well.
		foreach($row as $cell)
			echo "<td>$cell</td>";
		
		echo "</tr>\n";
	}
	
}
else {
	//The failure message is emitted as bare text inside the <table> element.
	echo "Incorrect user name and or password";
}
echo "</table>";
//Release the result set; the connection itself is never closed explicitly.
mysql_free_result($result);
















/*
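//Variant 2: escaping the input with PHP's mysql_real_escape_string()
//Escaping only protects values that are placed inside quotes in the query, and it depends on the connection character set.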
$user = $_POST["userName"];
$password = $_POST["password"];

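//Escape both values before they are interpolated into the query.
//NOTE(review): mysql_real_escape_string() needs an open connection; here it runs before mysql_connect(), so the connect call should be moved above these two lines.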
$user = mysql_real_escape_string($user);
$password = mysql_real_escape_string($password);
$conn = mysql_connect('localhost', 'root', '');
mysql_select_db("school");
$query ="SELECT * FROM users WHERE user = '$user' AND password = '$password'";
$result = mysql_query($query) or die("Query failed: " . mysql_error());
$numOfRows = mysql_num_rows($result);
echo"<table>";
if($numOfRows > 0){
	echo "<tr><td> Welcome $user </td></tr>";

	while($row = mysql_fetch_row($result))
	{
		echo "<tr>";

		foreach($row as $cell)
			echo "<td>$cell</td>";

		echo "</tr>\n";
	}

}
else {
	echo "Incorrect user name and or password";
}
echo "</table>";
mysql_free_result($result);
*/













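//Variant 3: prepared statement example (mysqli)
//The ? placeholders keep the request values out of the SQL text; bind_param() sends them to the server as data, so no escaping is needed.
//NOTE(review): the output below still echoes $user and the row cells without htmlspecialchars(), and still prints every column returned by SELECT *.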
//admin credentials
//user = admin
//password = pwad 
/*
$user = $_POST["userName"];
$password = $_POST["password"];
$db = new mysqli('localhost', 'root','', 'school');
$stmt = $db->prepare("SELECT * FROM users WHERE user = ? AND password = ?");
$stmt-> bind_param("ss",$user, $password);
$stmt->execute();
$result = $stmt->get_result();
$numOfRows = $result->num_rows;
echo "The number of return rows is $numOfRows";
echo"<table>";
if($numOfRows > 0){
	echo "<tr><td> Welcome $user </td></tr>";
	
	while($row = $result->fetch_assoc())
	{
		echo "<tr>";
		
		foreach($row as $cell)
			echo "<td>$cell</td>";
		echo "</tr>\n";
	}
	
}
else {
	echo "Incorrect user name and or password";
}
echo "</table>";
$db ->close();
*/

?>